[EDGEPOD-186] Add Ansible playbook for Aether Edge
Change-Id: I71d73a5a4fdf7e5ccf12df924597af6ab90a68b4
diff --git a/aether-playbook/roles/k8s/defaults/main.yml b/aether-playbook/roles/k8s/defaults/main.yml
new file mode 100644
index 0000000..6132d2f
--- /dev/null
+++ b/aether-playbook/roles/k8s/defaults/main.yml
@@ -0,0 +1,32 @@
+# Copyright 2020-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+ntp_enabled: true
+ntp_servers:
+ - time1.google.com
+ - time2.google.com
+ntp_timezone: Etc/UTC
+
+etc_hosts_entries:
+ - ip: 10.168.0.200
+ name: registry.central.aetherproject.net
+ - ip: 10.168.0.3
+ name: rancher.central.aetherproject.net
+
+docker_daemon_options:
+ insecure-registries:
+ - registry.central.aetherproject.net
+
+docker_version: 18.06.3~ce~3-0~ubuntu
diff --git a/aether-playbook/roles/k8s/handlers/main.yml b/aether-playbook/roles/k8s/handlers/main.yml
new file mode 100644
index 0000000..cd20f52
--- /dev/null
+++ b/aether-playbook/roles/k8s/handlers/main.yml
@@ -0,0 +1,20 @@
+# Copyright 2020-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: restart ntp
+ systemd: name=ntp state=restarted
+
+- name: restart docker
+ systemd: name=docker state=restarted
diff --git a/aether-playbook/roles/k8s/tasks/docker.yml b/aether-playbook/roles/k8s/tasks/docker.yml
new file mode 100644
index 0000000..7d90bbb
--- /dev/null
+++ b/aether-playbook/roles/k8s/tasks/docker.yml
@@ -0,0 +1,70 @@
+# Copyright 2020-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+
+- name: Install dependencies for Docker
+ apt:
+ name:
+ - apt-transport-https
+ - ca-certificates
+ - curl
+ - software-properties-common
+ state: present
+ tags: docker
+
+- name: Add Docker GPG key
+ shell: |
+ curl -sSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+ args:
+ warn: false
+ tags: docker
+
+- name: Add Docker repository
+ shell: |
+ add-apt-repository \
+ "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
+ $(lsb_release -cs) \
+ stable"
+ args:
+ warn: false
+ tags: docker
+
+- name: Install Docker CE
+ apt:
+ name: docker-ce={{ docker_version }}
+ state: present
+ update_cache: yes
+ tags: docker
+
+- name: Add current user to "docker" group
+ user:
+ name: "{{ ansible_user }}"
+ groups: docker
+ append: true
+ tags: docker
+
+- name: Configure Docker daemon options
+ copy:
+ dest: /etc/docker/daemon.json
+ content: "{{ docker_daemon_options | to_json }}"
+ register: docker_register_options
+ notify: restart docker
+ tags: docker
+
+- name: Reload systemd daemon
+ systemd:
+ daemon_reload: true
+ when: docker_register_options is changed
+ tags: docker
diff --git a/aether-playbook/roles/k8s/tasks/k8s.yml b/aether-playbook/roles/k8s/tasks/k8s.yml
new file mode 100644
index 0000000..1561d1a
--- /dev/null
+++ b/aether-playbook/roles/k8s/tasks/k8s.yml
@@ -0,0 +1,48 @@
+# Copyright 2020-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: Initialize k8s role
+ set_fact:
+ k8s_roles: ""
+ tags: k8s
+
+- name: Add k8s master role
+ set_fact:
+ k8s_roles: "{{ k8s_roles }} --etcd --controlplane"
+ when: "'kube-master' in group_names"
+ tags: k8s
+
+- name: Add k8s worker role
+ set_fact:
+ k8s_roles: "{{ k8s_roles }} --worker"
+ when: "'kube-worker' in group_names"
+ tags: k8s
+
+- name: Print k8s roles
+ debug:
+ msg: k8s_roles {{ k8s_roles }}
+ tags: k8s
+
+- name: Install k8s
+ command: >-
+ docker run -d --privileged --restart=unless-stopped --net=host
+ --volume /etc/kubernetes:/etc/kubernetes
+ --volume /var/run:/var/run
+ rancher/rancher-agent:v2.3.3
+ --server https://rancher.central.aetherproject.net
+ --token {{ rancher_cluster_token }}
+ --ca-checksum {{ rancher_ca_checksum }}
+ {{ k8s_roles }}
+ tags: k8s
diff --git a/aether-playbook/roles/k8s/tasks/main.yml b/aether-playbook/roles/k8s/tasks/main.yml
new file mode 100644
index 0000000..0a357a6
--- /dev/null
+++ b/aether-playbook/roles/k8s/tasks/main.yml
@@ -0,0 +1,26 @@
+# Copyright 2020-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- include_tasks: pre-install.yml
+ tags:
+ - etc-hosts
+ - ntp
+ - swapoff
+
+- include_tasks: docker.yml
+ tags: docker
+
+- include_tasks: k8s.yml
+ tags: k8s
diff --git a/aether-playbook/roles/k8s/tasks/pre-install.yml b/aether-playbook/roles/k8s/tasks/pre-install.yml
new file mode 100644
index 0000000..b0b2bfa
--- /dev/null
+++ b/aether-playbook/roles/k8s/tasks/pre-install.yml
@@ -0,0 +1,70 @@
+# Copyright 2020-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: Run "apt update"
+ apt:
+ update_cache: yes
+
+- name: Install ntp
+ apt: name=ntp state=present
+ when: ntp_enabled | bool
+ tags: ntp
+
+- name: Configure ntp file
+ template: src=etc/ntp.conf.j2 dest=/etc/ntp.conf
+ when: ntp_enabled | bool
+ notify: restart ntp
+ tags: ntp
+
+- name: Start the ntp service
+ service: name=ntp state=started enabled=yes
+ when: ntp_enabled | bool
+ tags: ntp
+
+- name: Set timezone to {{ ntp_timezone }}
+ timezone:
+ name: "{{ ntp_timezone }}"
+ when: ntp_enabled | bool
+ tags: ntp
+
+- name: Remove swapfile from /etc/fstab
+ mount:
+ name: "{{ item }}"
+ fstype: swap
+ state: absent
+ with_items:
+ - swap
+ - none
+ tags: swapoff
+
+- name: Check if swap is enabled
+ command: /sbin/swapon -s
+ register: swapon
+ changed_when: no
+ tags: swapoff
+
+- name: Disable swap
+ command: /sbin/swapoff -a
+ when: swapon.stdout
+ tags: swapoff
+
+- name: Add internal service domains to /etc/hosts
+ become: yes
+ lineinfile:
+ path: /etc/hosts
+ line: "{{ item['ip'] }}\t\t{{ item['name'] }}"
+ state: present
+ with_items: "{{ etc_hosts_entries }}"
+ tags: etc-hosts
diff --git a/aether-playbook/roles/k8s/templates/etc/ntp.conf.j2 b/aether-playbook/roles/k8s/templates/etc/ntp.conf.j2
new file mode 100644
index 0000000..0c46ff1
--- /dev/null
+++ b/aether-playbook/roles/k8s/templates/etc/ntp.conf.j2
@@ -0,0 +1,27 @@
+# Copyright 2020-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# {{ ansible_managed }}
+
+# For more information about this file, see the man pages
+# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
+
+driftfile /var/lib/ntp/drift
+
+restrict 127.0.0.1
+restrict -6 ::1
+
+{% for i in ntp_servers %}
+server {{ i }}
+{% endfor %}